KaiGai Kohei <kaigai@kaigai.gr.jp> writes:
> Heikki Linnakangas wrote:
>> If we drop the goal of trying to restrict what a superuser can do, is the
>> patch still useful?
>
> I want to keep permission checks on files specified by users, because
> the "superuser" permission affects very wide scope, and all or nothing
> policy in other word.
> However, the combination of clients and files is not so simple, and
> I think it is necessary to apply permission checks individually.
I would think the big advantage of something like SELinux is precisely in
cases like this. So for example a client that has a capability that allows him
to read a file can pass that capability to the server and be able to use COPY
to read it directly on the server.
-- Gregory Stark EnterpriseDB http://www.enterprisedb.com Ask me about EnterpriseDB's PostGIS support!